<?php

$oper = $_POST['oper'];

if (!isset($oper))
{
	die("Unknown command");
}

require('../dbconnect.inc.php');

if ($_POST['u_p_admin'] == 'Да')
{
	$_POST['u_p_admin'] = 1;
}
else
{
	$_POST['u_p_admin'] = 0;
}

if ($_POST['u_p_edit'] == 'Да')
{
	$_POST['u_p_edit'] = 1;
}
else
{
	$_POST['u_p_edit'] = 0;
}

switch ($oper) 
{

	case 'edit':

			if (($_POST['password1'] == $_POST['password2']))
			{
				try
				{
					$dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
					$dbh->beginTransaction();

					if ($_POST['password1'] == '******')
					{
						$sth = $dbh->prepare('update  users set u_login=:login, u_name=:name, u_p_admin=:admin, u_p_edit=:edit where u_id=:uid');

						$sth->bindParam(':login',$_POST['u_login']);	
						$sth->bindParam(':name',$_POST['u_name']);
						$sth->bindParam(':admin',intval($_POST['u_p_admin']),  PDO::PARAM_INT);	
						$sth->bindParam(':edit',intval($_POST['u_p_edit']),  PDO::PARAM_INT);	
						$sth->bindParam(':uid',intval($_POST['id']),  PDO::PARAM_INT);	

						$sth->execute();

					}
					else
					{
						$sth = $dbh->prepare('update  users set u_login=:login, u_name=:name, u_password=PASSWORD(:password), u_p_admin=:admin, u_p_edit=:edit where u_id=:uid');

						$sth->bindParam(':login',$_POST['u_login']);	
						$sth->bindParam(':name',$_POST['u_name']);
						$sth->bindParam(':password',$_POST['password1']);
						$sth->bindParam(':admin',intval($_POST['u_p_admin']),  PDO::PARAM_INT);	
						$sth->bindParam(':edit',intval($_POST['u_p_edit']),  PDO::PARAM_INT);	
						$sth->bindParam(':uid',intval($_POST['id']),  PDO::PARAM_INT);	

						$sth->execute();
					}	

					$sth = $dbh->prepare('delete from users_groups where u_id = :uid');
					$sth->bindParam(':uid', intval($_POST['id']), PDO::PARAM_INT);
					$sth->execute();
					
					$sth = $dbh->prepare('insert users_groups (u_id, g_id) values (:uid, :gid)');

					foreach(split(',', $_POST['group_list']) as $grp)
					{
						$sth->bindParam(':uid', intval($_POST['id']), PDO::PARAM_INT);
						$sth->bindParam(':gid', intval($grp), PDO::PARAM_INT);

						$sth->execute();	
					}

					$sth = $dbh->prepare('delete from users_events where u_id = :uid');
					$sth->bindParam(':uid', intval($_POST['id']), PDO::PARAM_INT);
					$sth->execute();
					
					$sth = $dbh->prepare('insert users_events (u_id, e_id) values (:uid, :eid)');

					foreach(split(',', $_POST['event_list']) as $grp)
					{
						$sth->bindParam(':uid', intval($_POST['id']), PDO::PARAM_INT);
						$sth->bindParam(':eid', intval($grp), PDO::PARAM_INT);

						$sth->execute();	
					}

					$dbh->commit();
				}
				catch (Exception $e)
				{
					$dbh->rollBack();
				}
			}


			$sth = $dbh->prepare('update groups set name=?, g_desc=? where g_id=?');
			$sth->execute(array($_POST['name'], $_POST['g_desc'], $_POST['id']));

			$sth = $dbh->prepare('delete from users_groups where u_id = ?');
			$sth->execute(array($_POST['u_id']));

		break;

	case 'add':
			if (($_POST['password1'] != '******') && ($_POST['password1'] == $_POST['password2']))
			{
				try
				{
					$dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
					$dbh->beginTransaction();

					$sth = $dbh->prepare('insert into users (u_login, u_name, u_password, u_p_admin, u_p_edit) values (?,?,PASSWORD(?),?, ?)');
					$sth->execute(array($_POST['u_login'], $_POST['u_name'], $_POST['password1'], $_POST['u_p_admin'], $_POST['u_p_edit']));

					$id = $dbh->lastInsertId();

					$sth = $dbh->prepare('insert users_groups (u_id, g_id) values (:uid, :gid)');

					foreach(split(',', $_POST['group_list']) as $grp)
					{
						$sth->bindParam(':uid', intval($id), PDO::PARAM_INT);
						$sth->bindParam(':gid', intval($grp), PDO::PARAM_INT);

						$sth->execute();	
					}

					$sth = $dbh->prepare('insert users_events (u_id, e_id) values (:uid, :eid)');

					foreach(split(',', $_POST['group_list']) as $grp)
					{
						$sth->bindParam(':uid', intval($id), PDO::PARAM_INT);
						$sth->bindParam(':eid', intval($grp), PDO::PARAM_INT);

						$sth->execute();	
					}

					$dbh->commit();
				}
				catch (Exception $e)
				{
					$dbh->rollBack();
				}
			}
		break;

	case 'del':

			try
			{
				$dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
				$dbh->beginTransaction();

				$sth = $dbh->prepare('delete from users where u_id=:uid');
				$sth->bindParam(':uid', intval($_POST['id']), PDO::PARAM_INT);
				$sth->execute();

				$sth = $dbh->prepare('delete from users_groups where u_id = :uid');
				$sth->bindParam(':uid', intval($_POST['id']), PDO::PARAM_INT);
				$sth->execute();

				$sth = $dbh->prepare('delete from users_events where u_id = :uid');
				$sth->bindParam(':uid', intval($_POST['id']), PDO::PARAM_INT);
				$sth->execute();

				$dbh->commit();
			}
			catch (Exception $e)
			{
				$dbh->rollBack();
			}

		break;

	case 'check':

			try
			{
				$sth = $dbh->prepare('select count(*) as count from users where u_login=:login');

				if ($sth->execute(array(':login' => rtrim(ltrim(addslashes($_POST['login']))) )))
				{
					$alldb = $sth->fetchAll(PDO::FETCH_ASSOC); 

					if ($alldb[0]['count'] > 0)
					{
						$response['error'] = 'Пользователь с таким логином уже существует.';
					}
					else
					{
						$response['message'] = 'Успешно';
					}
				}
			}
			catch(Exception $e)
			{
				$response['error'] = 'Невозможно проверить пользователя.';
			}

			echo json_encode($response);
	break;


}
?>